HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

HITRUST/AMA Launch Initiative to Help Small Healthcare Providers with HIPAA Compliance

HITRUST has announced it has partnered with the American Medical Association (AMA) for a new initiative that will help small healthcare providers with HIPAA compliance, cybersecurity, and cyber risk management.

Small healthcare providers can be particularly vulnerable to cyberattacks, as they typically lack the resources to devote to cybersecurity and do not tend to have the budgets available to hire skilled cybersecurity staff. This week has underscored the need for small practices to improve their cybersecurity defenses, with the announcement of two cyberattacks on small healthcare providers by the hacking group TheDarkOverlord.

Recent ransomware attacks have also shown that healthcare organizations of all sizes are likely to be attacked. Organizations of all sizes must practice good cyber hygiene and have the right defenses in place to improve resilience against ever changing cyber threats.

HITRUST and AMA will be hosting 2-hour workshops where physicians and other healthcare staff will be educated on key areas of risk management, HIPAA compliance, and cybersecurity, with the workshops specifically focused on small healthcare providers.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

The initiative runs alongside HITRUST’s Community Extension Program that was launched earlier this year, with the workshops taking place in the two hours prior to the HITRUST Community Extension Program events, which are taking place in 50 cities across the United States.

HITRUST explained, “Many clinics, physician offices, and other small providers are looking for local, community-based resources to help guide them through the journey of establishing governance and risk management programs to avoid a cyber-related breach or event that would disrupt their organization and expose the confidential information of their patients or members.” One of the aims of the workshops is to make good cyber hygiene manageable for small healthcare providers.

These workshops will provide the information small healthcare providers need to make significant improvements to their cybersecurity posture and help them meet the requirements of the HIPAA Security Rule.

While many topics will be covered in the workshops, they will be primarily focused on teaching the fundamentals of good cyber hygiene, explaining the need for cyber and HIPAA risk assessments, and will cover cost-effective technologies that can be implemented to improve cyber security.

“Trying to determine the best way to secure my practice from cyber threats was a significant – and at times, overwhelming – undertaking,” said Dr. J. Stefan Walker, a practicing physician in a small practice in Corpus Christi, TX. “Many existing cybersecurity resources and education programs are geared toward larger health care organizations and are not practical for a practice with only a handful of employees.” These workshops will help small healthcare organizations by providing relevant, useful, and practical advice specific to practices of their size.

The first workshop is being hosted by Children’s Health in Dallas, TX and will take place on October 9. Details of further events will be posted on the HITRUST website.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.